3.
WHY ORACLE IDENTITY MANAGEMENT Oracle Identity Management allows enterprises to manage end-to-end lifecycle of user identities across all enterprise resources both within and beyond the firewall. You can now deploy applications faster, apply the most granular protection to enterprise resources, automatically eliminate latent access privileges, and much more. Oracle Identity Management is a member of the Oracle Fusion Middleware family of products, which brings greater agility, better decision-making, and reduced cost and risk to diverse IT environments today.

4.
Oracle Identity Management Solutions Single Sign-On and Web Access Control: Oracle Access Manager (Protecting resources at a point of access and delegating authentication and authorization decisions to a central authority, help secure web, J2EE and enterprise applications). Oracle Enterprise Single Sign-On Suite Plus (Enterprise users can enjoy the benefits of single sign-on to all of their applications, whether they are connected to the corporate network, traveling away from the office, roaming between computers or working at a shared workstation). Directory Services: Oracle Internet Directory (Is an LDAP v3 compliant directory with meta-directory capabilities. It is built on the industry leading Oracle database and is fully integrated into Oracle Fusion Middleware and Oracle Applications). Oracle Virtual Directory (Creating a secure application environment requires integration of existing user identity information. For some companies, that information is contained in databases. Others use LDAP directories or Windows Domains. For most, this information is scattered across multiple locations and multiple services, provides Internet and industry-standard LDAP and XML views of existing enterprise identity information, without synchronizing or moving data from its native locations). Oracle Directory Server Enterprise Edition (Formerly “SUN Directory Server Enterprise Edition” is the best known directory server with proven large deployments in carrier and enterprise environments. It is also the most supported directory by ISVs, so it is ideal for heterogeneous environments. ODSEE provides a core directory service with embedded database, directory proxy, Active Directory (AD) synchronization and a Web administration console). Oracle Authentication Services for Operating Systems (Oracle Authentication Services for Operating Systems provides centralized authentication and account management for Unix and Linux platforms. This page contains information to get you started with Oracle Authentication Services for Operating Systems.).

5.
Oracle Identity Management Solutions Content Access Control: Oracle Information Rights Management (Formerly “SealedMedia” is a new form of information security technology that secures and tracks sensitive digital information everywhere it is stored and used, such as encrypting (&quot;sealing&quot;) and classifying documents, emails and web pages, and the requirement to install Oracle IRM Desktop agent software on every end user device on which sealed information is created or used). Strong Authentication: Extended Identity Management Ecosystem (Organizations commonly have multiple security systems in place—one technology to secure physical access, another to secure legacy applications, and yet another to secure network access. To cope with these &quot;silo'd&quot; solutions, Oracle has partnered with best-of-breed ISVs to offer a central and effective means to enforce security policy across all enterprise resources. As part of the Oracle Identity Management Ecosystem, partner solutions seamlessly integrate into Oracle Identity Management solutions extend a common security and identity management framework across all enterprise applications). Oracle Adaptive Access Manager (Oracle Adaptive Access Manager consists of two primary components that together create one of the most powerful and flexible weapons in the war against fraud. Adaptive Strong Authenticator provides multifactor authentication and protection mechanisms for sensitive information such as passwords, PINs, security questions, account numbers and other credentials). Identity Administration: Oracle Identity Manager (Formerly known as “Oracle Xellerate Identity Provisioning”, is a powerful and flexible enterprise identity management system that automatically manages users' access privileges within enterprise IT resources). Oracle Role Manager (Previously known as “Bridgestream SmartRoles”, is an enterprise-class application for managing business and organizational role lifecycle management).

6.
Oracle Identity Management Solutions Federated Identity: Oracle Identity Federation (Significantly reduces the need to create unnecessary identity in an enterprise directory and lowers the ongoing costs of partner integrations through support of industry federation standards, protects existing IT investments by integrating with a wide variety of data stores, user directories, authentication providers and applications) Fine Grained Entitlements: Oracle Entitlements Server (Secures access to application resources and software components (such as URLs, EJBs, and JSPs) as well as arbitrary business objects (such as customer accounts or patient records). Oracle Entitlements Server policies specify which users, groups, and/or roles can access application resources, allowing those roles to be dynamically resolved at runtime). Oracle – Sun: Oracle Waveset (Providesoperational and business efficiency by providing complete automation of user accounts and entitlements provisioning into a variety of enterprise business applications. Oracle Waveset integrates automated identity lifecycle management with identity auditing capabilities, and makes it possible to manage these processes at the business role level). Oracle OpenSSO (Is a complete solution that provides Web access management, federated single sign-on and Web services security in a single, self-contained application).

14.
WHAT IS ORACLE IDENTITY MANAGER <ul><li>Oracle Identity Manager is an application that handles and selectively automates tasks that manage a user’s access privileges. Such tasks include: </li></ul><ul><ul><li>Creating access privileges to resources for users. </li></ul></ul><ul><ul><li>Modifying these privileges dynamically based on changes to user and business requirements. </li></ul></ul><ul><ul><li>Removing these access privileges from users. </li></ul></ul>

22.
RECONCILIATION & PROVISIONING: OVERVIEW <ul><ul><li>Reconciliation is the process by which Oracle Identity Manager receives information from an external resource. </li></ul></ul><ul><ul><li>Provisioning is the process by which Oracle Identity Manager sends information to a target resource. </li></ul></ul><ul><ul><li>By using reconciliation and provisioning, Oracle Identity Manager can perform the following actions: </li></ul></ul><ul><ul><ul><li>Create a user record in a resource </li></ul></ul></ul><ul><ul><ul><li>Modify the privileges that the user has with the resource </li></ul></ul></ul><ul><ul><ul><li>Remove the user record from the resource </li></ul></ul></ul>

25.
PROVISIONING: TYPES <ul><li>There are two types of provisioning that Oracle Identity Manager performs: </li></ul><ul><ul><li>Day-one provisioning </li></ul></ul><ul><ul><ul><li>Initial creation of access privileges to resources for users. </li></ul></ul></ul><ul><ul><ul><li>Removal of these privileges from users. </li></ul></ul></ul><ul><ul><li>Day-two provisioning </li></ul></ul><ul><ul><ul><li>Dynamic modification of user privileges with resources, based on changes to user and business requirements. </li></ul></ul></ul>

30.
CONSTRUCTING AN ORACLE IDENTITY MANAGER CONNECTOR: STEP1 <ul><li>Create an IT resource type. This record represents the classification type, parameter fields, and encryption settings that are associated with a resource. </li></ul>IT resource type 1

31.
CONSTRUCTING AN ORACLE IDENTITY MANAGER CONNECTOR: STEP1 <ul><li>This screenshot illustrates an IT resource type for an Oracle HRMS. There is a one-to-one relationship between the IT resource type and the connector. That is, each connector should have only one IT resource type. </li></ul>

32.
CONSTRUCTING AN ORACLE IDENTITY MANAGER CONNECTOR: STEP2 <ul><li>Define an IT resource. This record contains the values that Oracle Identity Manager needs to communicate with a resource and access it as a system administrator (for provisioning or reconciliation purposes). </li></ul>IT resource IT resource type 2

33.
CONSTRUCTING AN ORACLE IDENTITY MANAGER CONNECTOR: STEP2 <ul><li>This screenshot illustrates an IT resource for an Oracle HRMS. There is a one-to-one relationship between the IT resource and the system, service, or application that it represents. If you have four resources, you would thus have four IT resources. </li></ul>

34.
CONSTRUCTING AN ORACLE IDENTITY MANAGER CONNECTOR: STEP3 <ul><li>Create a custom process form. This record is a central housing mechanism that holds everything that Oracle Identity Manager needs to either provision a user to a target resource or reconcile a user with an external resource. </li></ul>IT resource type Custom process form 3 IT resource

37.
CONSTRUCTING AN ORACLE IDENTITY MANAGER CONNECTOR: STEP4 <ul><li>A process task adapter automates the creation of a user’s account in an Oracle HRMS. There is a one-to-one relationship between the adapter and a process task: each task can be associated with only one adapter. </li></ul>

38.
CONSTRUCTING AN ORACLE IDENTITY MANAGER CONNECTOR: STEP5 <ul><li>Define a resource object. This record is a virtual representation of a resource and contains everything needed to either provision a user to that resource or reconcile a user with it. </li></ul>IT resource IT resource type Resource object Custom process form Process task adapter 5

41.
CONSTRUCTING AN ORACLE IDENTITY MANAGER CONNECTOR: STEP6 <ul><li>There is a 1-to-1 relationship between a provisioning process and the workflow that it represents. If you have two resource-related workflows, you should have two processes. </li></ul>